Method and apparatus for peer-to-peer connection assistance

ABSTRACT

One embodiment of the present method and apparatus for assisting a peer-to-peer connection between a first node and a second node includes receiving, at a third node, a request for connection assistance from one of the first and second nodes. The third node then connects to both the first node and the second node, receives the data from the first node and delivers the data to the second node. In this manner, data may be transferred between the first and second nodes even if the first and second nodes are unable to directly connect to each other (e.g., due to permanent or temporary limitations).

FIELD OF THE INVENTION

The present invention relates generally to computing networks andrelates more particularly to facilitating data transfers betweencomputing devices.

BACKGROUND

FIG. 1 is a schematic diagram of a network 100 of nodes (e.g., computingdevices) interacting in a peer-to-peer (P2P) manner. Generally, arequesting node 101 sends a search message 105 (e.g., containingkeywords relating to data that the requesting node 101 wishes to locate)to one or more intermediate network nodes 111 connected to therequesting node 101. Each intermediate node 111 receives the searchmessage 105 and then forwards the search message 105 to one or moreadditional nodes 111. Eventually, the search message 105 reaches one ormore responding nodes 103 having the requested data. One or moreresponding nodes 103 then send a response message 107 back to therequesting node 101, e.g., via the intermediate nodes 111. Therequesting node 101 then requests the relevant data from a respondingnode 103 by connecting directly to the responding node 103, e.g., viadirect connection 109.

In some cases, the requesting node 101 and the responding node 103 maynot be able to connect to or communicate with each other. This conditionmay be permanent (e.g., the requesting node 101 and the responding node103 are each behind different firewalls), or it may only be temporary(e.g., a network outage occurring on a path between the requesting node101 and the responding node 103). In either case, the requesting node101 and the responding node 103 will be unable, at least immediately, tocomplete the desired data transfer. Although the requesting node 101 andthe responding node 103 might be able to communicate via a series ofother nodes 111, the necessary traversal of multiple network links makesthis solution not optimal (e.g., due to multiple potential points offailure, response time, etc.).

Thus, there is a need in the art for a method and apparatus forpeer-to-peer connection assistance.

SUMMARY OF THE INVENTION

One embodiment of the present method and apparatus for assisting apeer-to-peer connection between a first node and a second node includesreceiving, at a third node, a request for connection assistance from oneof the first and second nodes. The third node then connects to both thefirst node and the second node, receives the data from the first nodeand delivers the data to the second node. In this manner, data may betransferred between the first and second nodes even if the first andsecond nodes are unable to directly connect to each other (e.g., due topermanent or temporary limitations).

BRIEF DESCRIPTION OF THE DRAWINGS

So that the manner in which the above recited embodiments of theinvention are attained and can be understood in detail, a moreparticular description of the invention, briefly summarized above, maybe obtained by reference to the embodiments thereof which areillustrated in the appended drawings. It is to be noted, however, thatthe appended drawings illustrate only typical embodiments of thisinvention and are therefore not to be considered limiting of its scope,for the invention may admit to other equally effective embodiments.

FIG. 1 is a schematic diagram of a network of nodes interacting in apeer-to-peer manner;

FIG. 2 is a flow diagram illustrating one embodiment of a method forfacilitating a data transfer between two nodes that are unable toconnect directly to each other;

FIG. 3 is a flow diagram illustrating one embodiment of a method forassisting a data transfer between a first and a second network node,according to the present invention;

FIG. 4 is a flow diagram illustrating one embodiment of a method formonitoring network traffic and/or data transfers to and from a node,according to one embodiment of the present invention; and

FIG. 5 is a high level block diagram of the connection assistance methodthat is implemented using a general purpose computing device.

To facilitate understanding, identical reference numerals have beenused, where possible, to designate identical elements that are common tothe figures.

DETAILED DESCRIPTION

In one embodiment, the present invention is a method and apparatus forpeer-to-peer connection assistance. Embodiments of the present inventionenable data to be transferred between two nodes that are unable toconnect directly (but are known to each other) by enabling the two nodesto use a partner node as an intermediary. The desired data istransferred to the partner node, which in turn delivers the data to therequesting node. In this manner, the desired data transfer can takeplace despite the inability of the transferring parties to connectdirectly.

FIG. 2 is a flow diagram illustrating one embodiment of a method 200 forfacilitating a data transfer between two nodes that are unable toconnect directly to each other (e.g., due to both nodes being behinddifferent firewalls, a severed network link or high bandwidth usage).The method 200 may be implemented at, for example, the requesting node101 or the responding node 103 of FIG. 1.

The method 200 is initialized at step 202 and proceeds to step 204,where the method 200 sends a partner request message. That is, themethod 200 solicits responses from other nodes in the network that canor will assist the node at which the method 200 is executing inaccomplishing a desired data transfer with a second node. In oneembodiment, the partner request message includes one or more detailsabout the desired network connection (e.g., “would like to connectremotely to node X”).

In step 206, the method 200 receives at least one partneracknowledgement message from at least one other node in the network thatcan assist in the execution of the desired data transfer.

In step 208, the method 200 selects a partner node from the one or morenodes that responded to the partner request message with a partneracknowledgement message. In one embodiment, the selection of a partnernode is based at least in part on how quickly a potential partner noderesponds (e.g., the first node to respond to the partner requestmessage) and/or on the attributes (e.g., network speed, such as T1,cable, DSL or modem) of the potential partner node, if such attributesare supplied.

Once the partner node has been selected, the method 200 proceeds to step210 and connects to the partner node (e.g., via a standard pushconnection if the node at which the method 200 is executing is behind afirewall). If the method 200 is unable to successfully connect to theselected partner node, the method 200 may select another of the nodesthat responded with a partner acknowledgement message. In oneembodiment, once the connection is established, the method 200 providesdetails regarding the desired network connection (e.g., “would like toconnect remotely to node X”) to the partner node.

The method 200 then commences the desired data transfer via the partnernode in step 212. Thus, if the method 200 is executing at a requestingnode, the method 200 will receive the desired data from the partnernode; if the method 200 is executing at a responding node, the method200 will deliver the desired data to the partner node, which will inturn deliver the desired data to the requesting node.

In step 214, the method 200 determines whether the data transfer iscomplete. If the method 200 determines in step 214 that the datatransfer is not complete, the method 200 returns to step 212 andcontinues to transfer the desired data.

Alternatively, if the method 200 determines in step 214 that the datatransfer is complete, the method 200 proceeds to step 216 anddisconnects from the partner node. The method 200 then terminates instep 218.

The method 200 thereby assists in the transfer of data between two nodesthat are unable to connect directly by enabling the two nodes to use apartner node as an intermediary. The desired data is transferred to thepartner node, which in turn delivers the data to the requesting node. Inthis manner, the desired data transfer can take place despite theinability of the transferring parties to connect directly. In addition,the use of an intermediary enables a user to monitor or control the datathat is transferred to or from a given node. The present invention maytherefore be further implemented, for example, to help parents monitortheir children's file sharing activities.

FIG. 3 is a flow diagram illustrating one embodiment of a method 300 forassisting a data transfer between a first and a second network node,according to the present invention. The method 300 may be implemented,for example, at a node that acts as a partner node in a data transferbetween two nodes that are unable to connect directly.

The method 300 is initialized at step 302 and proceeds to step 304,where the method 300 receives a partner request message from the firstnode. As described above, the partner request message is a message fromthe first node that solicits the assistance of a partner node inexecuting a data transfer with another node. In one embodiment, thepartner request message includes one or more details about the desirednetwork connection (e.g., “would like to connect remotely to node X”).

In step 306, the method 300 sends a partner acknowledgement message tothe first node, in response to the partner request message. The partneracknowledgement message indicates that the node at which the method 300is executing can or will assist with the desired data transfer. In oneembodiment, the method 300 chooses to respond to the partner requestmessage with a partner acknowledgement message based on the availabilityof the node at which the method 300 is executing (e.g., centralprocessing unit time, network bandwidth, etc.) and/or on a time to live(TTL) value specified in the partner request message (e.g., as the TTLvalue decreases, the probability increases that another node willrespond to the partner request message). In another embodiment, themethod 300 chooses to respond to the partner request message with apartner acknowledgement message based on a randomly generated number. Insuch an embodiment, the method 300 essentially “flips a coin” todetermine whether to respond to the partner request message, althoughthe distribution of possible responses is not necessarily 50/50(respond/don't respond). For example, if the TTL value of the partnerrequest message is high, the odds of the method 300 responding may beapproximately equal to the odds of the method 300 not responding (e.g.,50/50). However, if the TTL value of the partner request message is low(e.g., one or two), the odds may be greater that the method 300 willrespond (e.g., 90/10). In another embodiment (e.g., where the node atwhich the method 300 is executing has been configured to monitor thefile sharing activities of the first node), the method 300 always sendsa partner acknowledgement message in response to a partner requestmessage from the first node. In such a situation, the node at which themethod 300 is executing may have multiple active network connections onbehalf of the first node.

In step 308, the method 300 connects to the first node, e.g., based onthe first node making a selection of a partner node. The method 300 thenconnects to the second network node, e.g., the node that the first nodewishes either to send data to or to receive data from. In oneembodiment, the method 300 connects to the second node only after thefirst node has connected and provided details regarding the desirednetwork connection (e.g., “would like to connect remotely to the secondnode”). In one embodiment, if one or both of the first and second nodesis behind a firewall, the method 300 connects to such nodes using astandard push connection.

In step 312, the method 300 receives data from one of the first node andthe second node, whichever is the responding node for the desired datatransfer.

Once the data has been received, the method 300 optionally proceeds tostep 314 (illustrated in phantom) and determines whether the dataincludes any prohibited content (e.g., based on a keyword search). Asdiscussed above, this enables the node at which the method 300 isexecuting to control the data that is delivered to or from the firstnode and/or the second node. Thus, step 314 may be executed by a parentmonitoring the file sharing activities of his or her child, but may beskipped by users that wish to share data in an unsupervised fashion.

If the method 300 determines in optional step 314 that the data doescontain prohibited content, the method 300 proceeds to step 316 andblocks the data transfer. That is, the method 300 will not deliver thedata to the intended recipient (i.e., the first or the second node). Inone embodiment, the threshold for assessing prohibited content isuser-dependent (e.g., dependent on how strict the parent wants to makethe filter). For example, the occurrence of one keyword may besufficient grounds to block the data transfer. Alternatively, athreshold number of keywords (e.g., at least n keywords) may be requiredbefore the data transfer is blocked.

In one embodiment, data that is blocked in accordance with step 316 isdeleted. In another embodiment, data that is blocked in accordance withstep 316 is stored (e.g., to be reviewed by a parent).

The method 300 then proceeds to step 322 and disconnects from the firstnode and the second node. In step 324 (illustrated in phantom), themethod 300 then optionally logs the attempted data transfer (e.g.,stores a record of the attempted data transfer, for example in adatabase). In one embodiment, the log of the attempted data transferincludes at least one of: what was searched for (e.g., the text string),what was downloaded (e.g., the file name, file size, etc.), and what wasreturned (e.g., the search results). In one embodiment, a review of thesearch results can give an indication of how well the filter blockedprohibited content. Because slang words and variations on spellingsevolve constantly, frequent review of the filter's results may bedesirable. The method 300 then terminates in step 326.

Alternatively, if the method 300 determines in optional step 314 thatthe data received in step 312 does not contain prohibited content, themethod 300 proceeds to step 318 and delivers the data to the other ofthe first node and the second node, whichever is the requesting node forthe desired data transfer.

In step 320, the method 300 determines whether the data transfer iscomplete. If the method 300 determines that the data transfer is notcomplete, the method 300 returns to step 318 and continues the datatransfer.

However, if the method 300 determines in step 320 that the data transferis complete, the method 300 proceeds to step 322 and proceeds asdescribed above to disconnect from the first and second nodes andoptionally log the data transfer.

FIG. 4 is a flow diagram illustrating one embodiment of a method 400 formonitoring network traffic and/or data transfers to and from a node,according to one embodiment of the present invention. The method 400 maybe implemented, for example, at a node controlled by a parent who wishesto monitor the file sharing activities of his or her child. In such anembodiment, the node operated by the child may be forced to connect toother nodes through the node operated by the parent, for example due toa network firewall that prohibits the node operated by the child fromdirectly connecting to the P2P network. As discussed above, aparent-operated or monitoring node may be configured to monitor thetransfer of data to and from a child-operated or monitored node. Infurther embodiments, the monitoring node may be configured to monitorall network traffic to and from the monitored node in addition totransferred data or files. In such a situation, the monitored node maymaintain only a single connection to the monitoring node, whichmaintains multiple connections on behalf of the monitored node. In thismanner, all traffic to and from the monitored node must first passthrough the monitoring node.

The method 400 is initialized at step 402 and proceeds to step 404,where the method 400 receives a search message from a first (e.g.,monitored) node. The first node may be operated, for example, by achild. The search message may contain a text string including keywordsrelated to data that the first node wishes to retrieve from a network.

In step 406, the method 400 determines whether the search messagecontains prohibited content (e.g., based on the occurrence of one ormore keywords in the search message). If the method 400 determines instep 406 that the search message does contain prohibited content, themethod 400 proceeds to step 428 and blocks the search message (e.g.,does not forward the search message). The method 400 then proceeds tooptional step 424 (illustrated in phantom) and logs the attempted datatransfer before terminating in step 426. If the attempted data transferis not logged, the method 400 may simply delete the blocked searchmessage.

Alternatively, if the method 400 determines in step 406 that the searchmessage does not contain prohibited content, the method 400 proceeds tostep 408 and forwards the search message through the network.

In step 410, the method 400 receives at least one response message froma second node, e.g., indicating that the second node has the datarequested in the search message.

In step 412, the method 400 determines whether the response messagecontains any prohibited content (e.g., based on the occurrence of one ormore keywords in the response message). If the method 400 determines instep 412 that the response message does contain prohibited content, themethod 400 proceeds to step 430 and blocks the response message (e.g.,does not forward the response message to the first node). The method 400then proceeds to optional step 424 and logs the attempted data transferbefore terminating in step 426.

Alternatively, if the method 400 determines in step 412 that theresponse message does not contain any prohibited content, the method 400proceeds to step 414 and delivers the response message to the firstnode.

In step 416, the method 400 receives a request from the first node toretrieve data from the second node, e.g., in accordance with theresponse message. The method 400 then connects to the second node andretrieves the requested data in step 418.

In step 420, the method 400 determines whether the retrieved datacontains any prohibited content (e.g., based on the occurrence of one ormore keywords in the data, or the detection of a virus). In oneembodiment, the method 400 determines the content of the retrieved databy first retrieving the entire file and then reviewing the data. Inanother embodiment, the method 400 reviews individual bytes of data asthey are received. In yet another embodiment, the method 400 simplysaves the data locally for later review.

If the method 400 determines in step 420 that the retrieved data doescontain prohibited content, the method 400 proceeds to step 432 andblocks the data transfer (e.g., does not forward the retrieved data tothe first node). The method 400 then proceeds to optional step 424 andlogs the attempted data transfer before terminating in step 426.

However, if the method 400 determines in step 420 that the retrieveddata does not contain prohibited content, the method 400 proceeds tostep 422 and delivers the retrieved data to the first node, beforeoptionally logging the data transfer in step 424 and terminating in step426. In one embodiment, the method 400 delivers the entirety of theretrieved data (e.g., an entire file) to the first node. In anotherembodiment, the method 400 delivers individual bytes of the data to thefirst node as the bytes are retrieved and reviewed.

FIG. 5 is a high level block diagram of the connection assistance methodthat is implemented using a general purpose computing device 500. In oneembodiment, a general purpose computing device 500 comprises a processor502, a memory 504, a connection assistance module 505 and variousinput/output (I/O) devices 506 such as a display, a keyboard, a mouse, amodem, and the like. In one embodiment, at least one I/O device is astorage device (e.g., a disk drive, an optical disk drive, a floppy diskdrive). It should be understood that the connection assistance module505 can be implemented as a physical device or subsystem that is coupledto a processor through a communication channel.

Alternatively, the connection assistance module 505 can be representedby one or more software applications (or even a combination of softwareand hardware, e.g., using Application Specific Integrated Circuits(ASIC)), where the software is loaded from a storage medium (e.g., I/Odevices 506) and operated by the processor 502 in the memory 504 of thegeneral purpose computing device 500. Thus, in one embodiment, theconnection assistance module 505 for facilitating communications betweentwo nodes in a peer-to-peer network described herein with reference tothe preceding Figures can be stored on a computer readable medium orcarrier (e.g., RAM, magnetic or optical drive or diskette, and thelike).

Thus, the present invention represents a significant advancement in thefield of data transfer networks. A method and apparatus are providedthat enable data to be transferred between two nodes that are unable toconnect directly by enabling the two nodes to use a partner node as anintermediary. The desired data is transferred to the partner node, whichin turn delivers the data to the requesting node. In this manner, thedesired data transfer can take place despite the inability of thetransferring parties to connect directly. In addition, the use of anintermediary enables a user to monitor or control the data that istransferred to or from a given node. The present invention may thereforebe further implemented, for example, to help parents monitor theirchildren's file sharing activities.

While foregoing is directed to the preferred embodiment of the presentinvention, other and further embodiments of the invention may be devisedwithout departing from the basic scope thereof, and the scope thereof isdetermined by the claims that follow.

1. A method for transferring data from a first node to a second node ina peer-to-peer network, said method comprising the steps of: receiving,at a third node in said peer-to-peer network, a request for connectionassistance from one of said first node and said second node, at leastone of said first node and said second node being known to the other ofsaid first node and said second node, but said first node and saidsecond node being unable to connect to each other directly; connectingto said first node; connecting to said second node; receiving, at saidthird node, said data from said first node; and delivering said datafrom said third node to said second node.
 2. The method of claim 1,further comprising: sending an acknowledgement to said first node orsaid second node in response to said request for connection, saidacknowledgement indicating that said third node is able to assist in atransfer of said data.
 3. The method of claim 2, wherein saidacknowledgement is sent based on at least one of: an availability ofsaid third node, a value in a time to live field of said request forconnection or a randomly generated number.
 4. The method of claim 2,wherein said acknowledgement is always sent in response to a request forconnection from at least one of said first node or said second node. 5.The method of claim 1, wherein said third node is configured formonitoring data transfers involving said at least one of said first nodeand said second node.
 6. The method of claim 5, wherein said third nodemaintains at least one active network connection on behalf of said atleast one of said first node or said second node.
 7. The method of claim1, wherein said request for connection includes one or more detailsrelating to the desired data transfer.
 8. The method of claim 1, whereinsaid one of said first node or said second node provides one or moredetails relating to said desired data transfer upon connecting to saidthird node.
 9. The method of claim 1, further comprising: logging saiddata transfer upon completion.
 10. The method of claim 1, furthercomprising: examining said data for prohibited content; and blocking atransfer of said data to said second node if said data containsprohibited content.
 11. The method of claim 1, wherein said first nodeis behind a first network firewall and said second node is behind asecond network firewall.
 12. The method of claim 1, wherein a networkoutage exists on a path between said first node and said second node.13. The method of claim 1, further comprising, prior to receiving saidrequest for connection assistance: receiving, from said second node, asearch request message; examining said search request message for thepresence of prohibited content; forwarding said search request messagethrough said network if said search request message does not containprohibited content; and blocking said search request message if saidsearch request message contains prohibited content.
 14. The method ofclaim 13, further comprising: receiving, from said first node, aresponse message responding to said search request message; examiningsaid response message for the presence of prohibited content; forwardingsaid response message to said second node if said response message doesnot contain prohibited content; and blocking said response message ifsaid response message contains prohibited content.
 15. The method ofclaim 1, wherein said first node and said second node are both known toeach other.
 16. A computer readable medium containing an executableprogram for transferring data from a first node to a second node in apeer-to-peer network, where the program performs the steps of:receiving, at a third node in said peer-to-peer network, a request forconnection assistance from one of said first node and said second node,at least one of said first node and said second node being known to theother of said first node and said second node, but said first node andsaid second node being unable to connect to each other directly;connecting to said first node; connecting to said second node;receiving, at said third node, said data from said first node; anddelivering said data from said third node to said second node.
 17. Thecomputer readable medium of claim 16, further comprising: sending anacknowledgement to said first node or said second node in response tosaid request for connection, said acknowledgement indicating that saidthird node is able to assist in a transfer of said data.
 18. Thecomputer readable medium of claim 16, wherein said third node isconfigured for monitoring data transfers involving said at least one ofsaid first node or said second node.
 19. The computer readable medium ofclaim 16, further comprising: logging said data transfer uponcompletion.
 20. The computer readable medium of claim 16, furthercomprising: examining said data for prohibited content; and blocking atransfer of said data to said second node if said data containsprohibited content.
 21. The computer readable medium of claim 16,wherein said first node and said second node are both known to eachother.
 22. Apparatus for transferring data from a first node to a secondnode in a peer-to-peer network, comprising: means for receiving, at athird node in said peer-to-peer network, a request for connectionassistance from one of said first node and said second node, at leastone of said first node and said second node being known to the other ofsaid first node and said second node, but said first node and saidsecond node being unable to connect to each other directly; means forconnecting to said first node; means for connecting to said second node;means for receiving, at said third node, said data from said first node;and means for delivering said data from said third node to said secondnode.